Installing and Configuring cloudeye-exporter

Prometheus, an open source visualization tool, is used to display large-scale monitoring data. It has a wide user base in areas such as industrial monitoring, meteorological monitoring, home automation, and process management. After connecting Cloud Eye to Prometheus, you can use Prometheus to better monitor and analyze data from Cloud Eye. Before connecting Cloud Eye to Prometheus, you need to install and configure cloudeye-exporter.

More Labels Supported

cloudeye-exporter can be used to export metric data of all cloud services interconnected with Cloud Eye. To better identify and read cloud service resources, cloudeye-exporter can export more resource attribute labels for the following services. For example, for an ECS, hostname and ip information can be exported. In addition, Huawei Cloud tags can also be regarded as labels and exported.

**Table 1** Services for which more resource attribute labels can be exported
Cloud Service	Namespace	Whether to Support Export of More Labels	Tag Source
Elastic Cloud Server	SYS.ECS/AGT.ECS	√	Config or ECS
Elastic Volume Service	SYS.EVS	√	Config or EVS
Distributed Cache Service	SYS.DCS	√	Config
Direct Connect	SYS.DCAAS	√	Config
Virtual Private Cloud	SYS.VPC	√	Config
Cloud Search Service	SYS.ES	√	Config
Relational Database Service	SYS.RDS	√	Config
Elastic Load Balance	SYS.ELB	√	ELB
TaurusDB	SYS.GAUSSDB	√	Config
GaussDB	SYS.GAUSSDBV5	√	GaussDB
NAT Gateway	SYS.NAT	√	Config
Auto Scaling	SYS.AS	√	Config
FunctionGraph	SYS.FunctionGraph	√	Config
Data Replication Service	SYS.DRS	√	Config
Web Application Firewall	SYS.WAF	√	Config
Document Database Service	SYS.DDS	√	DDS
API Gateway	SYS.APIG	×	APIG
Cloud Backup and Recovery	SYS.CBR	√	Config or CBR
Data Lake Insight	SYS.DLI	√	Config and DLI
Scalable File Service	SYS.SFS	×	SFS
Scalable File Service Turbo	SYS.EFS	√	Config
Virtual Private Network	SYS.VPN	√	Config
Cloud Data Migration	SYS.CDM	×	CDM
GaussDB(DWS)	SYS.DWS	√	DWS
Content Moderation	SYS.MODERATION	×	N/A
Anti-DDoS	SYS.DDOS	√	Config
GeminiDB(for NoSQL)	SYS.NoSQL	×	GeminiDB(for NoSQL)
Distributed Message Service	SYS.DMS	√	Config
Distributed Database Middleware	SYS.DDMS	×	Config and DDM
Dedicated API Gateway	SYS.APIC	×	Dedicated API Gateway
Bare Metal Server	SYS.BMS/SERVICE.BMS	√	Config
ModelArts	SYS.ModelArts	√	Config
VPC Endpoint	SYS.VPCEP	√	Config
Graph Engine Service	SYS.GES	√	Config
Database Security Service	SYS.DBSS	√	Config
MapReduce Service	SYS.MRS	√	Config or MRS
LakeFormation	SYS.LakeFormation	√	Config or LakeFormation
DataArts Studio	SYS.DAYU	√	DataArts Studio
Cloud Firewall	SYS.CFW	√	Config
Log Tank Service	SYS.LTS	×	LTS
Live	SYS.LIVE	×	Live
Application Native Cloud	SYS.ANC	√	Config
Host Security Service	SYS.HSS	×	HSS
CloudTable	SYS.CloudTable	×	CloudTable
EventGrid	SYS.EG	√	Config
Object Storage Service	SYS.OBS	√	Config
Cloud Domain Name Service	SYS.DNS	√	CloudDNS
Enterprise Web Portal	SYS.EWP	√	EWP

When you customize a tag, the key can contain only uppercase letters, lowercase letters, and hyphens (-).

Preparing Environments

Ubuntu 18.04 and Prometheus 2.14.0 are used as examples.

**Table 2** Preparing environments
Environment	Description
Prometheus	prometheus-2.14.0.linux-amd64
ECS OS	Ubuntu 18.04
ECS private IP address	192.168.0.xx

Before exporting monitoring data, ensure that the account you use has the Read permission of the basic services, such as IAM, Cloud Eye, Config, and EPS, and the Read permission of the specific services whose data is to be exported.

Installing and Configuring cloudeye-exporter

Install cloudeye-exporter on the Ubuntu ECS.
In the cloudeye-exporter open source project (https://github.com/huaweicloud/cloudeye-exporter/releases) of GitHub, check the latest version of cloudeye-exporter and obtain its download address. Then, log in to the ECS, download the installation packages, and install cloudeye-exporter.

Example commands:
```
mkdir cloudeye-exporter
cd cloudeye-exporter
wget https://github.com/huaweicloud/cloudeye-exporter/releases/download/v2.0.5/cloudeye-exporter.v2.0.5.tar.gz
tar -xzvf cloudeye-exporter.v2.0.5.tar.gz
```

Edit the clouds.yml file to configure public cloud information.

Click the following link to view the region ID and auth_url:

Regions and Endpoints

global:
  port: "{private IP address}:8087" # This parameter specifies the listening port. For security purposes, do not to expose the cloudeye-exporter service port to the public network. You are advised to set this parameter to 127.0.0.1:{port} or {private IP address}:{port}, for example, 192.168.1.100:8087. To make the port accessible from the public network, set access control policies like security groups, firewalls, and iptables to limit access permissions.
  scrape_batch_size: 300
  resource_sync_interval_minutes: 20 # This parameter specifies how often resource information is updated. The default frequency is 180 minutes. If the value is less than 10 minutes, the resource information is updated once every 10 minutes.
  ep_ids:: "xxx1,xxx2" # Optional. Resources can be filtered by enterprise project ID. If this parameter is not configured, metrics of all resources are queried by default. Use commas (,) to separate multiple enterprise project IDs.
  logs_conf_path: "/root/logs.yml" # Optional. This parameter specifies the path of the log configuration file. The absolute path is recommended. If this parameter is not specified, the program uses the log configuration file in the directory where the startup command is located by default.
  metrics_conf_path: "/root/metric.yml" # Optional. This parameter specifies the path of the metric configuration file. The absolute path is recommended. If this parameter is not specified, the program uses the metric configuration file in the directory where the startup command is located by default.
  endpoints_conf_path: "/root/endpoints.yml" # Optional. This parameter specifies the configuration file path of the service domain name. The absolute path is recommended. If this parameter is not specified, the program uses the configuration file of the service domain name in the directory where the startup command is located by default.
  ignore_ssl_verify: false # Optional. By default, the SSL certificate is verified when cloudeye-exporter queries resources or metrics. If some functions are abnormal due to SSL certificate verification, set this parameter to true to skip SSL certificate verification.
auth:
  auth_url: "https://iam.{region_id}.myhuaweicloud.com/v3"
  project_name: "cn-north-1" # This parameter specifies the Huawei Cloud project name, which can be viewed on the Projects page on the IAM console.
  access_key: "" # This parameter specifies the access key of the IAM user. To avoid data leakage caused by plaintext AK and SK in the configuration file, decrypt them using a script and then import them.
  secret_key: ""
  region: "cn-north-1" # This parameter specifies the region ID.

The default monitoring port is 8087.

Start cloudeye-exporter.
By default, the clouds.yml file in the cloudeye-exporter installation directory is used. You can also use the -config parameter to specify the path of the clouds.yml file.
```
./cloudeye-exporter -config=clouds.yml
```
For security purposes, cloudeye-exporter provides the -s parameter. You can enter the AK/SK in the command line to prevent data leakage caused by plaintext AK/SK in the clouds.yml file.
```
./cloudeye-exporter -s true
```
The following is an example of starting the shell script. You are advised to configure the encrypted AK/SK in the script, decrypt the AK/SK using your own method, and transfer the decrypted AK/SK to cloudeye-exporter using the huaweiCloud_AK and huaweiCloud_SK parameters.
```
#!/bin/bash
## To prevent AK/SK leakage, do not configure plaintext AK/SK in the script.
huaweiCloud_AK=your_decrypt_function ("encrypted AK")
huaweiCloud_SK=your_decrypt_function ("encrypted SK")
$(./cloudeye-exporter -s true<<EOF
$huaweiCloud_AK $huaweiCloud_SK
EOF)
```